The approaches described in this section could be pursued, but are not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
Certain network infrastructure devices use protocols that incorporate sending periodic keep-alive or heartbeat messages to indicate that the devices are active. However, in certain protocols if required keep-alive messages are not timely sent, a device may assume that a device failure or network failure occurred. In a cryptographic key agreement system, the inability to disseminate keep-alive messages may be interpreted as inability to participate in a data security protocol, such as IPsec or MACsec. In response, undesirable corrective actions may occur such as deleting cryptographic state or establishing a different secure connection with another device, even if the first device only incurred a partial failure, such as a failure of a message transmitting module while application-specific integrated circuit (ASIC) hardware module or on a line card that executes data security functions remains active. Similar problems, in which lack of keep-alive messages caused by partial failure results in undesired responses, may occur in the context of In-Service Software Upgrades (ISSU), various distributed systems, and systems supporting High Availability (HA) schemes.